Home/ Coders/ Group items tagged xss

David McCart

XSS (Cross Site Scripting) Cheat Sheet - 0 views

  •  
    all about implementing an XSS attack, just for security testing, obviously
  •  
    just for security testing
Joel Bennett

Introducing the Anti-Cross Site Scripting Library - ASP.NET Forums - 0 views

  • Cross-site scripting (XSS) attacks exploit vulnerabilities in Web-based applications that fail to properly validate and/or encode input that is embedded in response data.  Malicious users can then inject client-side script into response data causing the unsuspecting user's browser to execute the script code.  The script code will appear to have originated from a trusted-site and may be able to bypass browser protection mechanisms such as security zones.
  •  
    ASP.NET forum post announcing the Anti-Cross Site Scripting (XSS) library from Microsoft, with links to download and documentation
David McCart

XSS (Cross Site Scripting) Prevention Cheat Sheet - OWASP - 1 views

  •  
    XSS again, but from the other side of the fence
Joel Bennett

Performance & Security for Any Website | CloudFlare (Private Beta) | Overview - 1 views

  • CloudFlare protects and accelerates any website online. Once your website is a part of the CloudFlare community, its web traffic is routed through our intelligent global network. We automatically optimize the delivery of your web pages so your visitors get the fastest page load times and best performance. We also block threats and limit abusive bots and crawlers from wasting your bandwidth and server resources. The result: CloudFlare-powered websites see a significant improvement in performance and a decrease in spam and other attacks.
  •  
    CloudFlare claims they can keep spambots off your website, and even stop SQL injection and XSS attacks before they hit your servers ... and they're willing to do part of that for FREE
David Corking

fbcdn.net i.e. facebook - On the internet - 0 views

  • By having a domain that isn't just a subdomain (ie, x.facebook.com) like fbcdn.net, each request isn't burdened with the additional cookies and thus minimizes the bandwidth required on the request
  •  
    So what is the best way to set up NoScript to avoid XSS attacks from Facebook users?
Fabien Cadet

HTML Purifier - Filter your HTML the standards-compliant way! - 5 views

  •  
    HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications. Tired of using BBCode due to the current landscape of deficient or insecure HTML filters? Have a WYSIWYG editor but never been able to use it? Looking for high-quality, standards-compliant, open-source components for that application you're building? HTML Purifier is for you!
Joel Bennett

OWASP Encoding Project - 0 views

  •  
    The Reform library provides a solid set of functions for encoding output for the most common context targets in web applications (e.g. HTML, XML, JavaScript, etc). The library also takes a conservative view of what are allowable characters based on historical vulnerabilities, and current injection techniques.
David Corking

Twitter XSS Strikes Again | SophosLabs blog | April 18 2009 - 0 views

  •  
    "It is still a good idea to run Firefox and NoScript to help protect yourself from all kinds of Javascript attacks." Not more of this?!